package cn.myframe.shiro;

import lombok.Getter;
import org.apache.shiro.authc.AuthenticationToken;

import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletResponse;

@Getter
public class JWTToken implements AuthenticationToken {

    // 密钥
    private String token;

    //accessToken过期时，freshToken未过期，刷新accessToken,添加到response
    private ServletResponse response;

    public JWTToken(String token) {
        this.token = token;
    }

    public JWTToken(String token,ServletResponse response) {
        this.token = token;
        this.response =  response;
    }

    @Override
    public Object getPrincipal() {
        return token;
    }

    @Override
    public Object getCredentials() {
        return token;
    }

    public void buildResponse(String accessToken){
        if(response != null){
            //浏览器默认是不让获得header中其他值，只能获得 Content-Type
            HttpServletResponse httpServletResponse = (HttpServletResponse) response;
            httpServletResponse.setHeader("Access-Control-Expose-Headers", "accessToken");
            httpServletResponse.setHeader("accessToken",accessToken);
        }
    }
}
